Wilson Sonsini Goodrich & Rosati

Wilson Sonsini Goodrich & Rosati's legacy closely traces the birth and evolution of Silicon Valley.

For nearly six decades, Wilson Sonsini has represented the technology pioneers associated with virtually every milestone innovation.

Today, the firm is synonymous with ushering promising, innovative companies through their business life cycle.

And as our clients have grown, so has our firm. Wilson Sonsini now represents many of the largest companies in the world—and thousands of the smallest ones, too.

Wilson Sonsini Goodrich & Rosati Blogs

The WSGR Data Advisor

Blog Authors

AB C DEF G HIJ K L MNO PQR S TUVWXYZ

Mariam Abdel-Malek

Jonathan Adams

Latest from Wilson Sonsini Goodrich & Rosati

The WSGR Data Advisor

Draft EDPB Guidelines Clarify the Roles of Parties Processing Personal Data and Call for Detailed Data Processing Agreements

By Cédric Burton, Laura Brodahl, Rossana Fol & Lore Leitner

September 24, 2020

On September 7, 2020, the European Data Protection Board (EDPB) published draft guidelines (Guidelines) intended to clarify the roles of the parties processing personal data and when they are operating as controllers, joint controllers, or processors under the EU General Data Protection Regulation (GDPR).…

The WSGR Data Advisor

EDPB Issues Guidelines on Social Media Targeting Under GDPR

By Cédric Burton, Christopher Olsen, Bastiaan Suurmond, Nikolaos Theodorakis & Alexandre Lépine

September 15, 2020

On Monday September 7, 2020, the European Data Protection Board (EDPB) issued draft Guidelines 8/2020 on the targeting of social media users (the “Draft Guidelines”). The Draft Guidelines have far-reaching implications for social media platforms, advertisers, and adtech companies, as they will result in a clarification of the roles and responsibilities of the key stakeholders, and establish rules for consent. The Draft Guidelines are open for public consultation until October 19, 2020. Interested companies can…

The WSGR Data Advisor

Initial Reaction of European Data Protection Regulators to Schrems 2.0 Judgment

By Christopher Foo, Josephine Jay, Lore Leitner, Nikolaos Theodorakis, Christopher Olsen, Cédric Burton & Alexandre Lépine

July 22, 2020

Over the last few days, the European Data Protection Board (EDPB), the European Data Protection Supervisor (EDPS) and various Supervisory Authorities (SAs) across Europe issued statements addressing the decision of the European Court of Justice (ECJ) to invalidate the EU-U.S. Privacy Shield framework (Schrems 2.0). Below we summarize some of the main reactions. The EDPB is working on a set of FAQs that will hopefully provide some level of clarification on key issues that companies…

The WSGR Data Advisor

ECJ Invalidates EU-U.S. Privacy Shield and Upholds the Standard Contractual Clauses

By Jan Dhont, Nikolaos Theodorakis & Bastiaan Suurmond

July 17, 2020

On July 16, 2020, the European Court of Justice (ECJ) declared the EU-U.S. Privacy Shield framework (Privacy Shield) invalid. The ECJ upheld the EU Standard Contractual Clauses (SCCs), but ruled that companies must verify prior to any transfer using SCCs that the parties can effectively provide the level of protection required by EU law.…

The WSGR Data Advisor

Liu v. SEC: Foreshadowing a Challenge to the FTC’s Disgorgement Authority

By Christopher Olsen & Libby Weingarten

July 10, 2020

In Liu v. Securities & Exchange Commission,1 the Supreme Court upheld, but circumscribed, the Securities and Exchange Commission’s (SEC’s) disgorgement authority by holding 8-1 that the SEC may seek disgorgement through its equitable relief power only if the award does not exceed a wrongdoer’s net profits and is awarded to victims. Although this decision is important in its own right, the Court’s underlying reasoning also has significant ramifications on a similar question regarding the Federal…

The WSGR Data Advisor

FTC Announces Unusually Stringent Consent Order in Privacy Shield Case Settlement

By Tracy Shapiro & Christopher Olsen

July 2, 2020

On June 30, 2020 the Federal Trade Commission (FTC) announced that it reached a settlement in its litigation against NTT Global Data Centers (formerly RagingWire Data Centers) over allegations that the company misled customers about its adherence to the EU-U.S. Privacy Shield framework.1 As part of the settlement, the cloud service provider is required to hire a third-party assessor to annually verify its compliance with the Privacy Shield if it chooses to participate in…

The WSGR Data Advisor

FTC Outlines Potential Changes to Enhance Privacy and Security Enforcement Efforts If Given More Resources

By Christopher Olsen & Brett Weinstein

July 1, 2020

On June 19, 2020, the Federal Trade Commission (FTC) submitted to Congress two reports that Congress requested in connection with the spending bill that funds the FTC. One of these reports (the “Resources Report”) describes the resources used and needed by the FTC to protect consumer privacy and security, and the second (the “Authorities Report”) describes the FTC’s use of its existing authorities to protect consumer privacy and security.…

The WSGR Data Advisor

CCPA Update: California Attorney General Submits Final Proposed Regulations to OAL

By Tracy Shapiro & Edward Holman

June 4, 2020

On June 2, 2020, the California Attorney General announced that it had submitted the final proposed regulations package for the California Consumer Privacy Act (CCPA) to the California Office of Administrative Law (OAL). The OAL now has 30 working days, plus an additional 60 calendar days under COVID-19-related Executive Order N-40-20, to review the package for compliance with California’s Administrative Procedure Act (APA). If approved by the OAL, the final regulations will then be…

The WSGR Data Advisor

EDPB Adopts Updated Consent Guidance

By Jan Dhont & Josephine Jay

May 15, 2020

On May 4, 2020, the European Data Protection Board (EDPB) adopted new guidelines (the guidelines) regarding the use of consent as a legal basis for processing personal data under the General Data Protection Regulation (GDPR).[1] The guidelines update and replace the Article 29 Working Party’s April 2018 guidance on the same topic. The guidelines remain largely unchanged from the earlier version but do provide helpful clarifications on two points: a) the validity of consent…

The WSGR Data Advisor

EDPB Publishes Guidelines on COVID-19 Related Data Usage

By Jan Dhont, Nikolaos Theodorakis & Christopher Foo

May 14, 2020

On April 21, 2020, the European Data Protection Board (EDPB) published two sets of guidelines addressing data processing in the context of the COVID-19 pandemic. These guidelines address the use of location data and contact tracing tools to combat the spread of COVID-19 and the use of health data for the purposes of scientific research into COVID-19 (together, the guidelines). Since March 2020, the EDPB and the European Commission (EC) have been active in addressing…

Wilson Sonsini Goodrich & Rosati

Wilson Sonsini Goodrich & Rosati Blogs

Blog Authors

Draft EDPB Guidelines Clarify the Roles of Parties Processing Personal Data and Call for Detailed Data Processing Agreements

EDPB Issues Guidelines on Social Media Targeting Under GDPR

Initial Reaction of European Data Protection Regulators to Schrems 2.0 Judgment

ECJ Invalidates EU-U.S. Privacy Shield and Upholds the Standard Contractual Clauses

Liu v. SEC: Foreshadowing a Challenge to the FTC’s Disgorgement Authority

FTC Announces Unusually Stringent Consent Order in Privacy Shield Case Settlement

FTC Outlines Potential Changes to Enhance Privacy and Security Enforcement Efforts If Given More Resources

CCPA Update: California Attorney General Submits Final Proposed Regulations to OAL

EDPB Adopts Updated Consent Guidance

EDPB Publishes Guidelines on COVID-19 Related Data Usage

Stay Connected

Company

Products

Support

New to the Network